Linode Forum
Linode Community Forums
 FAQFAQ    SearchSearch    MembersMembers      Register Register 
 LoginLogin [ Anonymous ] 
Post new topic  Reply to topic
Author Message
 Post subject: MySQL and CodeIgniter
PostPosted: Fri Mar 16, 2012 4:02 pm 
Offline
Junior Member

Joined: Sat Feb 11, 2012 3:29 pm
Posts: 26
hi all , I have this SQL Query :
Code:
SELECT *, ( 3959 * acos( cos( radians(41.832100) ) * cos( radians( latitude ) ) * cos( radians( longitude) - radians(-87.789597) ) + sin( radians(41.832100) ) * sin( radians( latitude ) ) ) ) AS distance FROM cities_extended HAVING distance < 10 ORDER BY distance LIMIT 0 , 5;


when I run it through phpMyAdmin or n the command line it works.
However I tried to implement it with codeigniter via the $this->db->query(); function.

like so :
Code:
$nearby_cities = $this->db->query("SELECT city,state,zip, ( 3959 * acos( cos( radians($latitude) ) * cos( radians( latitude ) ) * cos( radians( longitude) - radians($longitude) ) + sin( radians($latitude) ) * sin( radians( latitude ) ) ) ) AS distance FROM cities_extended HAVING distance < 25 ORDER BY distance LIMIT 0 , 3;");


and I get this :
Code:
Error Number: 1582

Incorrect parameter count in the call to native function 'radians'

SELECT city,state,zip, ( 3959 * acos( cos( radians() ) * cos( radians( latitude ) ) * cos( radians( longitude) - radians() ) + sin( radians() ) * sin( radians( latitude ) ) ) ) AS distance FROM cities_extended HAVING distance < 25 ORDER BY distance LIMIT 0 , 3;


it does not make sense that when I run the exact same query on phpmyadmin and through the command line on mysql it works , but with php and codeigniter, mysql gives me an error. can any one help ?


Top
   
 Post subject:
PostPosted: Fri Mar 16, 2012 4:07 pm 
Offline
Senior Member

Joined: Sun Mar 07, 2010 7:47 pm
Posts: 1970
Website: http://www.rwky.net
Location: Earth
You have some $ which make the latitude and longitudes variables which are empty
Quote:
$nearby_cities = $this->db->query("SELECT city,state,zip, ( 3959 * acos( cos( radians($latitude) ) * cos( radians( latitude ) ) * cos( radians( longitude) - radians($longitude) ) + sin( radians($latitude) ) * sin( radians( latitude ) ) ) ) AS distance FROM cities_extended HAVING distance < 25 ORDER BY distance LIMIT 0 , 3;");

_________________
Paid support
How to ask for help
1. Give details of your problem
2. Post any errors
3. Post relevant logs.
4. Don't hide details i.e. your domain, it just makes things harder
5. Be polite or you'll be eaten by a grue


Top
   
 Post subject:
PostPosted: Fri Mar 16, 2012 7:46 pm 
Offline
Junior Member

Joined: Sat Feb 11, 2012 3:29 pm
Posts: 26
obs wrote:
You have some $ which make the latitude and longitudes variables which are empty
Quote:
$nearby_cities = $this->db->query("SELECT city,state,zip, ( 3959 * acos( cos( radians($latitude) ) * cos( radians( latitude ) ) * cos( radians( longitude) - radians($longitude) ) + sin( radians($latitude) ) * sin( radians( latitude ) ) ) ) AS distance FROM cities_extended HAVING distance < 25 ORDER BY distance LIMIT 0 , 3;");


Latitude and Longitude are columns in my table. I managed to fix the problem by doing this.

Code:
$query = sprintf("SELECT *, ( 3959 * acos( cos( radians('%s') ) * cos( radians( latitude ) ) * cos( radians( longitude ) - radians('%s') ) + sin( radians('%s') ) * sin( radians( latitude ) ) ) ) AS distance FROM cities_extended HAVING distance < '%s' ORDER BY distance LIMIT 0 , 20",
           mysql_real_escape_string('41.832100'),
            mysql_real_escape_string('-87.789597'),
            mysql_real_escape_string('41.832100'),
            mysql_real_escape_string('25'));
           
         $nearby_cities = $this->db->query($query);

that was quite strange!


Top
   
 Post subject:
PostPosted: Fri Mar 16, 2012 9:05 pm 
Offline
Senior Member
User avatar

Joined: Sat Aug 30, 2008 1:55 pm
Posts: 1739
Location: Rochester, New York
FYI, try to avoid being in the habit of handling queries like that. Obviously this particular case is safe, but read this before you pass user-provided data into your app.

Also, obligatory meme.

_________________
Code:
/* TODO: need to add signature to posts */


Top
   
 Post subject:
PostPosted: Fri Mar 16, 2012 10:39 pm 
Offline
Senior Member

Joined: Fri May 02, 2008 8:44 pm
Posts: 1121
In CodeIgniter, what hoopycat recommends is called "Query Bindings".

http://codeigniter.com/user_guide/database/queries.html


Top
   
 Post subject:
PostPosted: Sat Mar 17, 2012 10:03 am 
Offline
Senior Member
User avatar

Joined: Tue Apr 13, 2004 6:54 pm
Posts: 833
To agree with the above, "bind variables" are very good practice. Not only do they help with avoiding SQL injection attacks, they can actually have performance benefits in some databases!

eg
if I do "select * from table where column1=$myvar" then run it twice with myvar=1 and myvar=2 then the SQL parser will see two separate SQL strings and parse them.
However, if I do "select * from table where column1=?" and run it twice with different bind values then the SQL is identical and the SQL parser may be able to use the cached parse results second time around (Oracle definitely works this way). So we are more secure _and_ more efficient.

Neat, huh? :-)

_________________
Rgds
Stephen
(Linux user since kernel version 0.11)


Top
   
 Post subject:
PostPosted: Sat Mar 17, 2012 1:58 pm 
Offline
Senior Member

Joined: Fri May 02, 2008 8:44 pm
Posts: 1121
hoopycat wrote:

I was expecting this...


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic


Who is online

Users browsing this forum: No registered users and 3 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Search for:
Jump to:  
RSS

Powered by phpBB® Forum Software © phpBB Group